CVE-2012-10020

The FoxyPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the uploadify.php file in versions up to, and including, 0.4.2.1. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites server which may...

CVE-2012-10020

The FoxyPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the uploadify.php file in versions up to, and including, 0.4.2.1. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites server which may...

CVE-2012-10020 FoxyPress <= 0.4.2.1 - Arbitrary File Upload

The FoxyPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the uploadify.php file in versions up to, and including, 0.4.2.1. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites server which may...

CVE-2012-10020 FoxyPress <= 0.4.2.1 - Arbitrary File Upload

The FoxyPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the uploadify.php file in versions up to, and including, 0.4.2.1. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites server which may...

CVE-2012-10020

CVE-2012-10020 affects the FoxyPress WordPress plugin. Up to version 0.4.2.1, it allows unauthenticated arbitrary file uploads via uploadify.php due to missing file type validation, potentially enabling remote code execution. Affected software: FoxyPress plugin for WordPress (versions ≤ 0.4.2.1)....

WordPress plugin FoxyPress 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...

PT-2025-30372

Name of the Vulnerable Software and Affected Versions FoxyPress versions up to 0.4.2.1 Description The FoxyPress plugin for WordPress is susceptible to arbitrary file uploads due to insufficient file type validation in the uploadify.php file. This allows unauthenticated attackers to upload...

WordPress Foxypress uploadify.php Arbitrary Code Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'WordPress Plugin Foxypress uploadify.php Arbitrary Code Execution', 'Description' = %q This module exploits an arbitrary PHP code...

WordPress Plugin Foxypress uploadify.php Arbitrary Code Execution

This module exploits an arbitrary PHP code execution flaw in the WordPress blogging software plugin known as Foxypress. The vulnerability allows for arbitrary file upload and remote code execution via the uploadify.php script. The Foxypress plugin versions 0.4.1.1 to 0.4.2.1 are vulnerable. This...

WordPress Foxypress Plugin Unrestricted File Upload

An unauthorized file upload vulnerability has been reported in WordPress Foxypress Plugin. A remote attacker could exploit this vulnerability by uploading a file to a server running the vulnerable application. Successful exploitation of this vulnerability could allow a remote attacker to execute...

FoxyPress 0.4.2.5-0.4.2.8 - Multiple Vulnerabilities

The foxypress WordPress plugin was affected by a Multiple Vulnerabilities security vulnerability...

Foxypress 0.4.1.1-0.4.2.1 - Arbitrary File Upload

The foxypress WordPress plugin was affected by an Arbitrary File Upload security vulnerability...

WordPress plugin Foxypress uploadify.php Arbitrary Code Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

Wordpress Foxypress Plugin 0.4.1.1 - 0.4.2.1 - Arbitrary File Upload

No description provided by source. Description : Wordpress Plugins - Foxypress Shell Upload Vulnerability Version : 0.4.1.1 - 0.4.2.1 Link : http://wordpress.org/extend/plugins/foxypress/ Plugins : http://downloads.wordpress.org/plugin/foxypress.zip Date : 26-05-2012 Google Dork :...

wordpress foxypress plugin 0.4.2.5 - Multiple Vulnerabilities

No description provided by source. waraxe-2012-SA095 - Multiple Vulnerabilities in Wordpress FoxyPress Plugin =============================================================================== Author: Janek Vind waraxe Date: 30. October 2012 Location: Estonia, Tartu Web:...

WordPress FoxyPress Plugin Multiple Vulnerabilities

The WordPress plugin SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress"; ifdescription...

[waraxe-2012-SA#095] - Multiple Vulnerabilities in Wordpress FoxyPress Plugin

waraxe-2012-SA095 - Multiple Vulnerabilities in Wordpress FoxyPress Plugin =============================================================================== Author: Janek Vind "waraxe" Date: 30. October 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-95.html Description of vulnerab...

WordPress Plugin foxypress 0.4.2.5 - Multiple Vulnerabilities

waraxe-2012-SA095 - Multiple Vulnerabilities in Wordpress FoxyPress Plugin =============================================================================== Author: Janek Vind "waraxe" Date: 30. October 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-95.html Description of vulnerab...

WordPress Plugin foxypress 0.4.2.5 - Multiple Vulnerabilities

WordPress Plugin foxypress 0.4.2.5 - Multiple Vulnerabilities waraxe-2012-SA095 - Multiple Vulnerabilities in Wordpress FoxyPress Plugin =============================================================================== Author: Janek Vind "waraxe" Date: 30. October 2012 Location: Estonia, Tartu Web:...

WordPress Foxypress Plugin 0.4.2.5 - Multiple Vulnerabilities

Foxypress plugin is prone to multiple vulnerabilities. 1. Arbitrary file upload vulnerability via "documenthandler.php". It allows an attacker to upload files with arbitrary extension to remote system. 2. SQL Injection vulnerability via "documenthandler.php" that allows an attacker to insert any...